Privacy Policy
Last updated: February 13, 2026
1. Data Controller
The controller responsible for data processing on this website is:
Apex Telemetry
Email: [email protected]
2. Purposes and Legal Bases
We process personal data only to the extent required under applicable law, including the GDPR.
- Website operation, security, and abuse prevention (Art. 6(1)(f) GDPR).
- User account authentication and account access (Art. 6(1)(b) GDPR).
- Payment processing and subscription management (Art. 6(1)(b) GDPR).
- Customer support and communication (Art. 6(1)(b) or Art. 6(1)(f) GDPR).
- Compliance with legal obligations (Art. 6(1)(c) GDPR).
We use your email address to send you account notifications, coaching session summaries, product updates, and relevant sim racing content. We will never sell your data to third parties.
3. Categories of Data
- Account data: email address, user ID, role, and subscription status.
- Usage data: requested pages, request timestamps, and technical request metadata.
- Payment data: transaction and billing details handled through Stripe.
- Communication data: support and contact requests.
When you create an account, we collect your email address and record your consent to receive platform communications. We store the date and time this consent was given.
4. Processors and Recipients
We use external service providers that process data on our behalf or under their own responsibility:
- Supabase (authentication and user management): Privacy Policy
- Stripe (payment processing): Privacy Policy
- Cloudflare (hosting, CDN, and edge infrastructure): Privacy Policy, DPA
5. International Transfers
Data may be processed outside the EU/EEA (including the United States). Where required, transfers rely on appropriate safeguards such as Standard Contractual Clauses under Art. 46 GDPR or other lawful mechanisms.
6. Retention Periods
- Account data: until account deletion or the end of the processing purpose.
- Billing and payment records: as required by applicable legal retention obligations.
- Security and server logs: only for as long as necessary for operations and security.
- Support data: until request resolution and any required follow-up period.
We retain your data for as long as your account is active. If you delete your account, your personal data is removed within 30 days.
7. Your Rights
Under GDPR, you may have the right to access, rectify, erase, restrict, object, and receive a portable copy of your data.
To exercise your rights, contact us at [email protected].
You have the right to access, correct, or delete your personal data at any time. To unsubscribe from marketing emails, click the unsubscribe link in any email or contact us at [email protected]. To request deletion of your account and associated data, contact us at the same address.
8. Complaints
You have the right to lodge a complaint with a supervisory authority if you believe your personal data is processed unlawfully.
9. Policy Updates
We may update this Privacy Policy to reflect legal, technical, or operational changes.